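---
# Builds the container image, pushes it to GHCR, then updates the
# `turbovault` deployment over a Tailscale connection to the cluster.
#
# NOTE(review): every `uses:` below references a mutable version tag.
# This job handles the registry token, the Tailscale OAuth secret and
# a kubeconfig, so pinning each action to a full commit SHA is the
# safer choice; the SHAs must be looked up upstream.
name: Build and Deploy

on:
  push:
    tags:
      - 'v*.*.*'
  workflow_dispatch:

# Least privilege for GITHUB_TOKEN: read the repository, push packages.
permissions:
  contents: read
  packages: write

jobs:
  build-and-deploy:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Extract version from tag
        id: version
        env:
          # The ref is passed as data through the environment. Expanding
          # ${{ github.ref }} inside the script body would paste the tag
          # name into the shell source before bash parses it.
          GIT_REF: ${{ github.ref }}
        run: |
          if [[ "$GIT_REF" =~ ^refs/tags/v(.*)$ ]]; then
            version="${BASH_REMATCH[1]}"
            tag="${BASH_REMATCH[0]#refs/tags/}"
          else
            # Manual runs from a branch fall back to the floating tag.
            version="latest"
            tag="latest"
          fi

          # Fail early unless the value is a well-formed Docker tag; the
          # push would reject anything else later anyway.
          if [[ ! "$tag" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}$ ]]; then
            echo "::error::Git ref does not map to a valid image tag"
            exit 1
          fi

          echo "version=$version" >> "$GITHUB_OUTPUT"
          echo "tag=$tag" >> "$GITHUB_OUTPUT"

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to GitHub Container Registry
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Build and push Docker image
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: |
            ghcr.io/ryankazokas/turbovault-app:${{ steps.version.outputs.tag }}
            ghcr.io/ryankazokas/turbovault-app:latest
          cache-from: type=gha
          cache-to: type=gha,mode=max

      - name: Connect to Tailscale
        uses: tailscale/github-action@v2
        with:
          oauth-client-id: ${{ secrets.TAILSCALE_CLIENT_ID }}
          oauth-secret: ${{ secrets.TAILSCALE_CLIENT_SECRET }}
          tags: tag:ci

      - name: Setup kubectl
        uses: azure/setup-kubectl@v3

      - name: Configure kubeconfig
        env:
          KUBECONFIG_CONTENT: ${{ secrets.KUBECONFIG }}
        run: |
          # Restrictive umask so the credential file is never created
          # with wider permissions than 0600.
          umask 077
          mkdir -p ~/.kube
          echo "$KUBECONFIG_CONTENT" | base64 -d > ~/.kube/config
          chmod 600 ~/.kube/config

      # NOTE(review): the image is deployed by tag, not by digest. On a
      # manual run the tag is `latest`, so `kubectl set image` may leave
      # the pod template unchanged and start no rollout. Confirm whether
      # deploying by the pushed digest is wanted here.
      - name: Deploy to Kubernetes
        id: deploy
        env:
          IMAGE_TAG: ${{ steps.version.outputs.tag }}
        run: |
          echo "🚀 Deploying version $IMAGE_TAG to Kubernetes..."
          kubectl set image deployment/turbovault \
            "turbovault=ghcr.io/ryankazokas/turbovault-app:$IMAGE_TAG" \
            -n turbovault

      - name: Wait for rollout
        id: rollout
        run: |
          echo "⏳ Waiting for rollout to complete..."
          kubectl rollout status deployment/turbovault -n turbovault --timeout=5m

          echo "✅ Deployment complete!"
          echo ""
          echo "📊 Current pods:"
          kubectl get pods -n turbovault -l app=turbovault

      - name: Deployment summary
        if: success()
        env:
          IMAGE_TAG: ${{ steps.version.outputs.tag }}
        run: |
          echo "✅ Build and deployment successful!"
          echo ""
          echo "📦 Image: ghcr.io/ryankazokas/turbovault-app:$IMAGE_TAG"
          echo "🚀 Deployed to: turbovault namespace"
          echo ""
          echo "View logs:"
          echo "kubectl logs -f -l app=turbovault -n turbovault"

      # Undo only when the rollout step itself failed. A bare `failure()`
      # also fires when the build, push or VPN step breaks, and would
      # then revert a deployment this run never changed. The kubeconfig
      # written earlier is reused, so the secret is not exposed again.
      - name: Rollback on failure
        if: failure() && steps.rollout.conclusion == 'failure'
        run: |
          echo "❌ Deployment failed! Attempting rollback..."
          # Best effort: a failed undo must not mask the original error.
          kubectl rollout undo deployment/turbovault -n turbovault || true
          echo "⚠️ Rollback attempted. Check cluster status manually."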